Monday, August 29, 2016

ADFS 3.0 set extended timeout in Windows 2012 R2 for MS CRM 2013, MS CRM 2015 , MS CRM 2016

if you have done default setting the timeout is 30 mnts, if you/users need more idle time out, below way you can do.
this is different that we do in earlier way for ASFD 2.0


login to the server with ADFS admin rights and open Server manager and then ADFS Management from tool menu.
in ADFS management, expand Trust Relationship and then Replying Party Trust.
take note of the replying party trust name (<Relying Party Name> that, you want to increate the timeout.
now open Windows PowerShell on admin right and run below command.


Set-ADFSRelyingPartyTrust -Targetname “<Relying Party Name>“ -TokenLifetime 720


720 here is in minutes and 12 hrs here. so you use as per your requirements.


Regards,
Yes.Sudhanshu

Wednesday, April 27, 2016

Invalid provider type specified, Keyset does not exist Not available Not available error, MS CRM 2011, 2013 CBA, IFD consiguration

while configuring CBA,IFD, I got below error while accessing CRM federation url in browser.


  <?xml version="1.0" ?>
- <error xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <exception>Unhandled Exception: System.ServiceModel.FaultException`1[[Microsoft.Xrm.Sdk.OrganizationServiceFault, Microsoft.Xrm.Sdk, Version=5.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]]: System.Security.Cryptography.CryptographicException: Microsoft Dynamics CRM has experienced an error. Reference number for administrators or support: #FCF77A9CDetail: <OrganizationServiceFault xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/xrm/2011/Contracts"> <ErrorCode>-2147220970</ErrorCode> <ErrorDetails xmlns:d2p1="http://schemas.datacontract.org/2004/07/System.Collections.Generic" /> <Message>System.Security.Cryptography.CryptographicException: Microsoft Dynamics CRM has experienced an error. Reference number for administrators or support: #FCF77A9C</Message> <Timestamp>2016-04-27T12:00:51.1956331Z</Timestamp> <InnerFault i:nil="true" /> <TraceText i:nil="true" /> </OrganizationServiceFault></exception>
  <parameters xsi:nil="true" />
  <displaytitle />
  <displaytextencoded />
  <displaytext />
  <description>Invalid provider type specified.</description>
  <file>Not available</file>
  <line>Not available</line>
  <details>Not available</details>
  <traceInfo />
  <requesturl>https://<URL>/Handlers/FederationMetadata.ashx</requesturl>
  <pathAndQuery>/Handlers/FederationMetadata.ashx</pathAndQuery>
  <source>ASHX_XML</source>
  <stacktrace />
  </error>


Solution 
I was updating new certificate in my new environment.
finally come to know that the CRS I have generated was SHA2 and it was generated using CNG Key by custom CRS.
as SHA1 was deprecated , so I have used custom way to generate and to get SHA2 I have used CNG Key. unfortunately MS CRM does not support CNG Key, rather Legacy Key.

URL: https://technet.microsoft.com/en-us/library/gg188582(v=crm.6).aspx
another URL https://support.microsoft.com/en-sg/kb/3079686 tell also something about CNG Key.


then I generated SHA1 by using Legacy or use IIS but got SHA2 from my CA provider and it works.


hope this helps...


Regards,
Yes.Sudhanshu



Tuesday, April 19, 2016

Exception message: Creating an instance of the COM component with CLSID {080D0D78-F421-11D0-A36E-00C04FB950DC} from the IClassFactory failed due to the following error. MS CRM 2016

while working on ms crm 2016 I got below error in event viewer.
strangely one of Org was accessible, but others can not.
as per below error, as it was mentioning something on the crmsvc account that was used for crm apppool in IIS, I just restarted the AppPool and then all good and I am able to access ms crm.




Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 4/20/2016 2:08:28 PM
Event time (UTC): 4/20/2016 6:08:28 AM
Event ID: c65840c29f464e69811a516c54a8f703
Event sequence: 516
Event occurrence: 15
Event detail code: 0
 
Application information:
    Application domain: /LM/W3SVC/2/ROOT-1-131056047130912684
    Trust level: Full
    Application Virtual Path: /
    Application Path: F:\Program Files\Microsoft Dynamics CRM\CRMWeb\
    Machine name: SSAPAL31
 
Process information:
    Process ID: 3796
    Process name: w3wp.exe
    Account name: <Domain>\<CRMAppPoolAccount>
 
Exception information:
    Exception type: COMException
    Exception message: Creating an instance of the COM component with CLSID {080D0D78-F421-11D0-A36E-00C04FB950DC} from the IClassFactory failed due to the following error: 800401e4 Invalid syntax (Exception from HRESULT: 0x800401E4 (MK_E_SYNTAX)).
   at Microsoft.Crm.ADNameUtility.CreateLdapPath(String distinguishedName)
   at Microsoft.Crm.SecurityUtils.CheckMembership(Guid principalId, Guid groupId)
   at Microsoft.Crm.Caching.OrganizationSettingsCacheLoader.LoadCacheData(Guid key, ExecutionContext context)
 
 
 
Request information:
    Request URL: https://xyz.com:443/Org1/default.aspx
    Request path: /Mohh/default.aspx
    User host address: 10.12.12.12
    User: login username
    Is authenticated: True
    Authentication Type: Negotiate
    Thread account name: <Domain>\<CRMAppPoolAccount>
 
Thread information:
    Thread ID: 64
    Thread account name: <Domain>\<CRMAppPoolAccount>
    Is impersonating: False
    Stack trace:    at Microsoft.Crm.ADNameUtility.CreateLdapPath(String distinguishedName)
   at Microsoft.Crm.SecurityUtils.CheckMembership(Guid principalId, Guid groupId)
   at Microsoft.Crm.Caching.OrganizationSettingsCacheLoader.LoadCacheData(Guid key, ExecutionContext context)
 
 
Custom event details:


 
Regards,
Yes.Sudhanshu

Sunday, January 31, 2016

Adding more than one data source with null original name, ms crm report execution

Hi,

in one of my environment, there was a sudden issue on report, all were working fine. but we did a password reset to one account and that was used by the data sources.
after following report log file found below message

"Adding more than one data source with null original name".
then I found on google that one of the data source might have corrupted.
as there was a password reset, I specifically changed all the password and the restart the service and all fine.

so make sure all the data sources are ok, else if any one data source is corrupted that might cause issue for the whole report server, if not now but in future.

Regards,
Sudhanshu

Wednesday, December 2, 2015

The update file is not valid for installation of this application.For additional details see logfile C:\Users\<,,,,,,>\AppData\Roaming\Microsoft\MSCRM\Logs\crmsetup.log. ms crm 2011, 2013, 2015 installation

while doing installation I got below message.
"The update file is not valid for installation of this application.For additional details see logfile C:\Users\<,,,,>\AppData\Roaming\Microsoft\MSCRM\Logs\crmsetup.log."

this was weird. but I found there was a file in update folder inside the installation files.
so make sure that is the right one, else remove that if that is copied in by mistake.

Regards,
Sudhanshu
 

ActiveDirectoryRightsValidator.Failure.Groups.ProvReportingGroup error , MS CRM 2011, 2013, 2015 Reporting Extension installation

while installing ms crm reporting extension got below error
"ActiveDirectoryRightsValidator.Failure.Groups.ProvReportingGroup error , MS CRM 2011, 2013, 2015 Reporting Extension installation"
this is cause some AD permission issue.
just find that PrivReportingGroup in AD and give Create all child object and Delete all child object permission and then start....

Regards,
Sudhanshu

 

Action Microsoft.Crm.Setup.Server.AddAspNetServiceAccountToSqlAccessGroupAction failed. Access Denied ms crm 2011, 2013, 2015 installation

while doing ms crm installation I got below error in between
"Action Microsoft.Crm.Setup.Server.AddAspNetServiceAccountToSqlAccessGroupAction failed. Access Denied". this is cause of some permission in AD for the account used for installation.
this needs "Delegate Control" to that OU where the account belongs to as below.
then it should be ok. TIPS: in the above do not Cancel. if so you have to do all along again. rather just give the permission and then click Retry to proceed. thx